X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fapi%2FGigiAPI.java;fp=src%2Forg%2Fcacert%2Fgigi%2Fapi%2FGigiAPI.java;h=ae8aee350efa70dc7837aabaa9685aeaeab755b1;hp=209ffe563932be8e87971ad2d0b7a33eeddd5971;hb=9136e3e03b6881b32aada896be3241e46cbd33d9;hpb=8d98e8c550a5fc426d7efbd57436dcb61bd41243

diff --git a/src/org/cacert/gigi/api/GigiAPI.java b/src/org/cacert/gigi/api/GigiAPI.java
index 209ffe56..ae8aee35 100644
--- a/src/org/cacert/gigi/api/GigiAPI.java
+++ b/src/org/cacert/gigi/api/GigiAPI.java
@@ -2,6 +2,8 @@ package org.cacert.gigi.api;
 
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
 
 import javax.servlet.ServletException;
 import javax.servlet.ServletInputStream;
@@ -9,6 +11,15 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
+import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.pages.account.certs.CertificateRequest;
+import org.cacert.gigi.util.Job;
+import org.cacert.gigi.util.PEM;
+
 public class GigiAPI extends HttpServlet {
 
     @Override
@@ -27,6 +38,48 @@ public class GigiAPI extends HttpServlet {
                 strB.append(buffer, 0, len);
             }
             System.out.println(strB);
+            return;
+        }
+        X509Certificate cert = LoginPage.getCertificateFromRequest(req);
+        if (cert == null) {
+            resp.sendError(403, "Error, cert authing required.");
+            return;
+        }
+        String serial = LoginPage.extractSerialFormCert(cert);
+        User u = LoginPage.fetchUserBySerial(serial);
+
+        if (pi.equals("/account/certs/new")) {
+
+            if ( !req.getMethod().equals("POST")) {
+                resp.sendError(500, "Error, POST required.");
+                return;
+            }
+            if (req.getQueryString() != null) {
+                resp.sendError(500, "Error, no query String allowed.");
+                return;
+            }
+            String csr = req.getParameter("csr");
+            if (csr == null) {
+                resp.sendError(500, "Error, no CSR found");
+                return;
+            }
+            try {
+                CertificateRequest cr = new CertificateRequest(u, csr);
+                Certificate result = cr.draft();
+                Job job = result.issue(null, "2y");
+                job.waitFor(60000);
+                if (result.getStatus() != CertificateStatus.ISSUED) {
+                    resp.sendError(510, "Error, issuing timed out");
+                    return;
+                }
+                resp.getWriter().println(PEM.encode("CERTIFICATE", result.cert().getEncoded()));
+            } catch (GeneralSecurityException e) {
+                e.printStackTrace();
+            } catch (GigiApiException e) {
+                e.printStackTrace();
+            } catch (InterruptedException e) {
+                e.printStackTrace();
+            }
         }
     }
 }